<?php
	
	if(!isset($_SESSION['username'])){
		echo "<script>alert('请登录！');window.location.href='login.php?m=admin&c=manage'</script>";die;
	}
	//修改新闻的id
	$id = $_GET['id'];

	$aid = $_GET['aid'];
	
	$mid = $_GET['mid'];
//	dbselect($con,'news','*',"id=$id");
	$sql = "select * from news where id=$id";
	$query = mysqli_query($con,$sql);
	
	$data = mysqli_fetch_assoc($query);
		
	$title = $data['title'];
	$remark = $data['remark'];
	$content = $data['content'];
	$edit = $data['edit'];
	$category_id = $data['category_id'];
	$home = $data['home'];
	
	
	
	
	
	 //dbupdate($con,$table,$field,$where=null)

	//提交修改
	if($_POST){
		if($_POST['title'] == ''){
			echo "<script>alert('标题不可为空');</script>";
		}elseif($_POST['remark'] == ''){
			echo "<script>alert('摘要不可为空');</script>";
		}elseif(!isset($_POST['content'])){
			echo "<script>alert('内容不可为空');</script>";
		}elseif($_POST['edit'] == ''){
			echo "<script>alert('作者不可为空');</script>";
		}else{


		$field['title'] = htmlspecialchars(trim($_POST['title']));
		$field['remark'] = htmlspecialchars(trim($_POST['remark']));
		$field['content'] = htmlspecialchars_decode(trim($_POST['content']));
		$field['edit'] = htmlspecialchars(trim($_POST['edit']));
		$field['category_id'] = $_POST['category_id'];
		$field['home'] = $_POST['home'];
		$query = dbupdate($con,'news',$field,"id=$id");
		if($query){
			echo "<script>alert('修改成功');location.href='index.php?m=admin&c=news&mid=$mid&aid=$aid'</script>";
		}else{
			echo "<script>alert('修改失败');location.href='index.php?id={$id}&m=admin&c=news&v=new_upd&mid=$mid&aid=$aid'</script>";
		}
	}
	
}
	//新闻分类

	//dbselect($con,$table,$field='*',$where='',$order='',$limit='')
	$news_cate = dbselect($con,'category','category_name,id','pid=3');


	assign('news_cate',$news_cate);

	assign('title',$title);

	assign('remark',$remark);

	assign('content',$content);

	assign('edit',$edit);

	assign('category_id',$category_id);

	assign('home',$home);

	//权限管理
	authonity($con);



	
?>